[gentoo-commits] repo/gentoo:master commit in: net-misc/openvpn/files/, net-misc/openvpn/ - gentoo-commits

From:	Jason Donenfeld <zx2c4@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-misc/openvpn/files/, net-misc/openvpn/
Date:	Tue, 14 Feb 2017 19:47:12
Message-Id:	`1487101628.576416b15056b11df59e03473e4e82037d74ee9b.zx2c4@gentoo`

1

commit:     576416b15056b11df59e03473e4e82037d74ee9b

2

Author:     Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>

3

AuthorDate: Tue Feb 14 19:46:32 2017 +0000

4

Commit:     Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>

5

CommitDate: Tue Feb 14 19:47:08 2017 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=576416b1

7

8

net-misc/openvpn: fix bug 608244

9

10

Package-Manager: Portage-2.3.3, Repoman-2.3.1

11

12

 .../openvpn/files/openvpn-2.4.0-fix-libressl.patch  | 21 +++++++++++++++++++++

13

 net-misc/openvpn/openvpn-2.4.0-r1.ebuild            |  1 +

14

 2 files changed, 22 insertions(+)

15

16

diff --git a/net-misc/openvpn/files/openvpn-2.4.0-fix-libressl.patch b/net-misc/openvpn/files/openvpn-2.4.0-fix-libressl.patch

17

new file mode 100644

18

index 0000000000..4c3aca5d5a

19

--- /dev/null

20

+++ b/net-misc/openvpn/files/openvpn-2.4.0-fix-libressl.patch

21

@@ -0,0 +1,21 @@

22

+diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c

23

+index 8266595..a889332 100644

24

+--- a/src/openvpn/ssl_openssl.c

25

++++ b/src/openvpn/ssl_openssl.c

26

+@@ -508,10 +508,13 @@ tls_ctx_load_ecdh_params(struct tls_root_ctx *ctx, const char *curve_name

27

+         const EC_GROUP *ecgrp = NULL;

28

+         EVP_PKEY *pkey = NULL;

29

+

30

+-        /* Little hack to get private key ref from SSL_CTX, yay OpenSSL... */

31

+-        SSL ssl;

32

+-        ssl.cert = ctx->ctx->cert;

33

+-        pkey = SSL_get_privatekey(&ssl);

34

++        SSL *ssl = SSL_new(ctx->ctx);

35

++        if (!ssl)

36

++        {

37

++            crypto_msg(M_FATAL, "SSL_new failed");

38

++        }

39

++        pkey = SSL_get_privatekey(ssl);

40

++        SSL_free(ssl);

41

+

42

+         msg(D_TLS_DEBUG, "Extracting ECDH curve from private key");

43

44

diff --git a/net-misc/openvpn/openvpn-2.4.0-r1.ebuild b/net-misc/openvpn/openvpn-2.4.0-r1.ebuild

45

index 1b64d5b698..bd85309308 100644

46

--- a/net-misc/openvpn/openvpn-2.4.0-r1.ebuild

47

+++ b/net-misc/openvpn/openvpn-2.4.0-r1.ebuild

48

@@ -52,6 +52,7 @@ CONFIG_CHECK="~TUN"

49

50

 PATCHES=(

51

 	"${FILESDIR}/${PN}-external-cmocka.patch"

52

+	"${FILESDIR}/${PN}-2.4.0-fix-libressl.patch"

53

)

54

55

 pkg_setup()  {

1	commit: 576416b15056b11df59e03473e4e82037d74ee9b
2	Author: Jason A. Donenfeld <zx2c4 <AT> gentoo <DOT> org>
3	AuthorDate: Tue Feb 14 19:46:32 2017 +0000
4	Commit: Jason Donenfeld <zx2c4 <AT> gentoo <DOT> org>
5	CommitDate: Tue Feb 14 19:47:08 2017 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=576416b1
7
8	net-misc/openvpn: fix bug 608244
9
10	Package-Manager: Portage-2.3.3, Repoman-2.3.1
11
12	.../openvpn/files/openvpn-2.4.0-fix-libressl.patch \| 21 +++++++++++++++++++++
13	net-misc/openvpn/openvpn-2.4.0-r1.ebuild \| 1 +
14	2 files changed, 22 insertions(+)
15
16	diff --git a/net-misc/openvpn/files/openvpn-2.4.0-fix-libressl.patch b/net-misc/openvpn/files/openvpn-2.4.0-fix-libressl.patch
17	new file mode 100644
18	index 0000000000..4c3aca5d5a
19	--- /dev/null
20	+++ b/net-misc/openvpn/files/openvpn-2.4.0-fix-libressl.patch
21	@@ -0,0 +1,21 @@
22	+diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c
23	+index 8266595..a889332 100644
24	+--- a/src/openvpn/ssl_openssl.c
25	++++ b/src/openvpn/ssl_openssl.c
26	+@@ -508,10 +508,13 @@ tls_ctx_load_ecdh_params(struct tls_root_ctx ctx, const char curve_name
27	+ const EC_GROUP *ecgrp = NULL;
28	+ EVP_PKEY *pkey = NULL;
29	+
30	+- /* Little hack to get private key ref from SSL_CTX, yay OpenSSL... */
31	+- SSL ssl;
32	+- ssl.cert = ctx->ctx->cert;
33	+- pkey = SSL_get_privatekey(&ssl);
34	++ SSL *ssl = SSL_new(ctx->ctx);
35	++ if (!ssl)
36	++ {
37	++ crypto_msg(M_FATAL, "SSL_new failed");
38	++ }
39	++ pkey = SSL_get_privatekey(ssl);
40	++ SSL_free(ssl);
41	+
42	+ msg(D_TLS_DEBUG, "Extracting ECDH curve from private key");
43
44	diff --git a/net-misc/openvpn/openvpn-2.4.0-r1.ebuild b/net-misc/openvpn/openvpn-2.4.0-r1.ebuild
45	index 1b64d5b698..bd85309308 100644
46	--- a/net-misc/openvpn/openvpn-2.4.0-r1.ebuild
47	+++ b/net-misc/openvpn/openvpn-2.4.0-r1.ebuild
48	@@ -52,6 +52,7 @@ CONFIG_CHECK="~TUN"
49
50	PATCHES=(
51	"${FILESDIR}/${PN}-external-cmocka.patch"
52	+ "${FILESDIR}/${PN}-2.4.0-fix-libressl.patch"
53	)
54
55	pkg_setup() {

Gentoo Archives: gentoo-commits